1、服务安装
安装依赖:yum install php70-ldap.x86_64 -y (版本尽量大于5.3,否则会提示更新php程序)
yum install httpd -y
如果出现yum下没有php包解决方案No package php available
(1)检查当前安装的php包
yum list installed | grep php
如果有安装的php包,则先删除
yum remove php.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64
(2)更换yum源
Centos 5.X:
rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
CentOs 6.x:
rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
CentOs 7.X:
rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
查看当前系统php版本,php -v ,centos一般自带php版本5.4,需升级到7,如下所示:
1、查看yum的可安装的php版本列表
yum provides php
2、开始升级PHP更新源
(1)rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
(2) rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
(3)yum remove php-common -y
(4)yum install -y php72w php72w-opcache php72w-xml php72w-mcrypt php72w-gd php72w-devel php72w-mysql php72w-intl php72w-mbstring
3、查看版本已经升级到7,php -v
3、配置apache
/etc/httpd/conf.d/self-service-password.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName 192.168.4.209
DocumentRoot /usr/share/self-service-password
DirectoryIndex index.php
AddDefaultCharset UTF-8
<Directory “/usr/share/self-service-password”>
AllowOverride None
Require all granted
LogLevel warn
ErrorLog /var/log/httpd/ssp_error_log
CustomLog /var/log/httpd/ssp_access_log combined
4、配置self service password
vim /usr/share/self-service-password/conf/config.inc.php
#关闭 问题验证 和 短信验证(视个人需要):
$use_questions=false;
$use_sms= false;
#配置 LDAP
l
d
a
p
u
r
l
=
"
l
d
a
p
:
/
/
l
d
a
p
.
x
x
x
x
x
.
n
e
t
"
;
ldap_url = "ldap://ldap.xxxxx.net";
ldapurl="ldap://ldap.xxxxx.net"; ldap_starttls = false;
l
d
a
p
b
i
n
d
d
n
=
"
c
n
=
M
a
n
a
g
e
r
,
d
c
=
l
d
a
p
,
d
c
=
x
x
x
x
x
x
,
d
c
=
n
e
t
"
;
ldap_binddn = "cn=Manager,dc=ldap,dc=xxxxxx,dc=net";
ldapbinddn="cn=Manager,dc=ldap,dc=xxxxxx,dc=net"; ldap_bindpw = “xxxxxxxxx”;
l
d
a
p
b
a
s
e
=
"
d
c
=
l
d
a
p
,
d
c
=
x
x
x
x
x
x
,
d
c
=
n
e
t
"
;
ldap_base = "dc=ldap,dc=xxxxxx,dc=net";
ldapbase="dc=ldap,dc=xxxxxx,dc=net"; ldap_login_attribute = “cn”; ##如果登陆失败,查看用户是uid还是cn
l
d
a
p
f
u
l
l
n
a
m
e
a
t
t
r
i
b
u
t
e
=
"
c
n
"
;
ldap_fullname_attribute = "cn";
ldapfullnameattribute="cn"; ldap_filter = “(&(objectClass=person)($ldap_login_attribute={login}))”;
$who_change_password = “manager”; #指定LDAP 以什么用户身份更改密码
#配置邮件
m
a
i
l
f
r
o
m
=
"
e
l
k
@
x
x
x
x
x
.
c
o
m
"
;
mail_from = "elk@xxxxx.com";
mailfrom="elk@xxxxx.com"; mail_from_name = “企业账号密码重置”;
$mail_signature = “”;
KaTeX parse error: Expected 'EOF', got '#' at position 31: …e = true; #̲密码修改成功后,向用户发送通知…mail_sendmailpath = ‘/usr/sbin/sendmail’; #需安装sendmail服务 yum install -y sendmail
m
a
i
l
p
r
o
t
o
c
o
l
=
′
s
m
t
p
′
;
mail_protocol = 'smtp';
mailprotocol=′smtp′; mail_smtp_debug = 0;
m
a
i
l
d
e
b
u
g
f
o
r
m
a
t
=
′
h
t
m
l
′
;
mail_debug_format = 'html';
maildebugformat=′html′; mail_smtp_host = ‘smtp.gmail.com’;
m
a
i
l
s
m
t
p
a
u
t
h
=
t
r
u
e
;
mail_smtp_auth = true;
mailsmtpauth=true; mail_smtp_user = ‘elk@xxxxxx.com’;
m
a
i
l
s
m
t
p
p
a
s
s
=
′
x
x
x
x
x
x
′
;
mail_smtp_pass = 'xxxxxx';
mailsmtppass=′xxxxxx′; mail_smtp_port = 587;
m
a
i
l
s
m
t
p
t
i
m
e
o
u
t
=
30
;
mail_smtp_timeout = 30;
mailsmtptimeout=30; mail_smtp_keepalive = false;
m
a
i
l
s
m
t
p
s
e
c
u
r
e
=
′
t
l
s
′
;
mail_smtp_secure = 'tls';
mailsmtpsecure=′tls′; mail_contenttype = ‘text/plain’;
m
a
i
l
w
o
r
d
w
r
a
p
=
0
;
mail_wordwrap = 0;
mailwordwrap=0; mail_charset = ‘utf-8’;
m
a
i
l
p
r
i
o
r
i
t
y
=
3
;
mail_priority = 3;
mailpriority=3; mail_newline = PHP_EOL;
5、重启httpd
systemctl restart httpd
6、访问页面
http://192.168.4.209
遇到以下错误
修改配置: $keyphrase = “secret”; —> $keyphrase = “ldapchangepasswd”; #任意字符串 路径:/usr/share/self-service-password/conf/config.inc.php
再重启httpd